How to Block Access to Proxy Websites using Application Control
06/30/2023 153 People found this article helpful 495,963 Views
Description
This article describes how to block access to proxy websites using the SonicWall App Control Advanced feature.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
The SonicWall App Control Advanced feature contains numerous signatures to block access to proxy websites. Access can be restricted or blocked in the following three ways:
- Block by Category: This is a global setting blocking access to all proxy websites.
- Block by Application: In this method, particular proxy sites can be blocked by name.
- Block by Signatures: Using this method individual signatures for each site can be blocked.
Blocking the Category Proxy Access:
- Login to SonicWall management GUI.
- Navigate to Policies | Security Services | App control, make sure Enable App Control is enabled.
- Navigate to Signatures, Click Viewed by : Category and PROXY-ACCESS under Category.
- Click on Configuration button.
- In the Edit App Control Category window, select Enable under Block and Log fields.
- Click OK to Save.
Blocking an Individual Proxy website:
- Under App Control Signature page, select Viewed by : Application and select a proxy website you wish to block ( In this example Kproxy)
- Click on Configure button.
- In the Edit App control Application window, select Enable under Block and Log Fields.
- Click OK to save.
Blocking a signature for proxy website:
- Under App Control Signature page, select Application and select a proxy website you wish to block ( In this example Kproxy)
- Set Viewed by to Signature.
- Listed below would be signatures for the website you have selected under Application.
- Click on the configure button on any one of the signatures you wish to block.
- In the Edit App control signature window, select Enable under Block and Log fields.
- Click OK to save.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
The SonicWall App Control Advanced feature contains numerous signatures to block access to proxy websites. Access can be restricted or blocked in the following three ways:
- Block by Category: This is a global setting blocking access to all proxy websites.
- Block by Application: In this method, particular proxy sites can be blocked by name.
- Block by Signatures: Using this method individual signatures for each site can be blocked.
Blocking the Category Proxy Access:
- Login to the SonicWall Management GUI.
- Navigate to Manage at the top of the page
- Navigate to the Policies | Rules | Advanced Application Control page.
- Check the box under Enable App Control and click on the Accept button at the top to enable App Control.
- Under App Control Advanced | View Style select PROXY-ACCESS under Category
- Click on the configure button.
- In the Edit App Control Category window, select Enable under Block and Log fields.
- Click on OK to save.
Blocking an individual proxy website:
- Under App Control Advanced | View Style | Application, select a proxy website you wish to block. (In this example Kproxy)
- Click on the configure button.
- In the Edit App Control Application window, select Enable under Block and Log fields.
- Click on OK to save.
Blocking a signature for a proxy website:
- Under App Control Advanced | View Style | Application, select a proxy website you wish to block (in this example Vtunnel).
- Set Viewed By to Signature
- Listed below would be signatures for the website you have selected under Application.
- Click on the configure button on any one of the signatures you wish to block.
- In the Edit App Control Signature window, select Enable under Block and Log fields.
- Click on OK to save.
Testing
When accessing a proxy website earmarked for blocking, the following messages will be logged under Log | View, depending on the signature you have selected for blocking:
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
The SonicWall App Control Advanced feature contains numerous signatures to block access to proxy websites. Access can be restricted or blocked in the following three ways:
- Block by Category: This is a global setting blocking access to all proxy websites.
- Block by Application: In this method, particular proxy sites can be blocked by name.
- Block by Signatures: Using this method individual signatures for each site can be blocked.
Blocking the Category Proxy Access:
- Login to the SonicWall Management GUI.
- Navigate to the Firewall | App Control Advanced page. In Gen5 TZ devices this page is under Security Services | App Control
- Check the box under Enable App Control and click on the Accept button at the top to enable App Control.
- Under App Control Advanced | View Style select PROXY-ACCESS under Category
- Click on the configure button.
- In the Edit App Control Category window, select Enable under Block and Log fields.
- Click on OK to save.
Blocking an individual proxy website:
- Under App Control Advanced | View Style | Application, select a proxy website you wish to block. (In this example Kproxy)
- Click on the configure button.
- In the Edit App Control Application window, select Enable under Block and Log fields.
- Click on OK to save.
Blocking a signature for a proxy website:
- Under App Control Advanced | View Style | Application, select a proxy website you wish to block (in this example Vtunnel).
- Set Viewed By to Signature
- Listed below would be signatures for the website you have selected under Application.
- Click on the configure button on any one of the signatures you wish to block.
- In the Edit App Control Signature window, select Enable under Block and Log fields.
- Click on OK to save.
Testing
When accessing a proxy website earmarked for blocking, the following messages will be logged under Log | View, depending on the signature you have selected for blocking:
Related Articles
Categories